The effort to take down a network of over 4,000 bots has been under way since 2008, which illustrates both the patience and the frustration generally associated with such efforts. According to Dave Sancho, senior threat researcher at Trend Micro, the group's favorite tactic was to insert malware into a select few ads on a Web site and then divert people to a set of DNS servers that the group has been managing in order to distribute everything from fake anti-virus software to offers to buy various kinds of pharmaceuticals.

According to Trend Micro, the cyber crime group was operating as an Estonian company known as Rove Digital, which is the parent company of many other companies, such as Esthost, Estdomains, Cernel and UkrTelegroup, as well as many less well-known shell companies.

Discovering the extent of the group's activities was one thing; coordinating the activities of the various enforcement agencies required to take down a cybercriminal organization that operates across multiple borders is another. Sancho says that in this case the biggest challenge was first coordinating all the activities of the Federal Bureau of Investigation (FBI) in the U.S. with its counterparts in Estonia. Trend Micro also had to work with a variety of third-party organizations that help track cybercriminal activity to identify the extent of the group's activities, says Sancho.

What's most important, says Sancho, is that it's not enough to simply eliminate the IT infrastructure being used by the cybercriminals; it is also necessary to make sure that there are no technicalities that would result in those criminals being set free to set up shop again in some other country. The takedown of Rove Digital won't eliminate cyber crime, but Sancho says it will, for the time being, put a noticeable dent in the volume of criminal activity.